﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.OleDb;

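/// <summary>
/// Code-behind for the administrator login page. Checks the submitted
/// credentials against tb_admin and, on success, records the admin name in
/// the session and redirects to the admin main page.
/// </summary>
public partial class login : System.Web.UI.Page
{
    /// <summary>Page load handler; no per-request initialisation is needed.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Handles the login button click: validates the input, applies the
    /// per-session attempt limit, and authenticates against tb_admin.
    /// </summary>
    /// <param name="sender">The control that raised the event.</param>
    /// <param name="e">Image click event data (unused).</param>
    protected void btnLogin_Click(object sender, ImageClickEventArgs e)
    {
        const string attemptsKey = "AdminLoginSun";
        const int maxAttempts = 3;

        string userName = txtUserName.Text.Trim();
        string userPwd = txtUserPwd.Text.Trim();

        // Fix: the original tested the user name twice, so an empty password
        // was never rejected here and went straight to the database lookup.
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(userPwd))
        {
            lbMsg.Text = "请输入您要登录用户名或密码";
            return;
        }

        // The session records how many login attempts were made.
        // Convert.ToInt32 maps a missing (null) entry to 0, so the first attempt yields 1.
        // NOTE(review): the counter is tied to the session, so it starts again at
        // zero whenever the client presents a new session. It does not limit
        // password guessing on its own; a server-side limit keyed on the account
        // and/or client address is needed for that.
        int attempts = Convert.ToInt32(Session[attemptsKey]) + 1;
        Session[attemptsKey] = attempts;

        if (attempts > maxAttempts)
        {
            lbMsg.Text = "登录错误超过3次，请关闭浏览器重新登录。";
            btnLogin.Enabled = false;
            return;
        }

        // Only a_name is read below, so the stored password column is no longer
        // fetched (the original used "select *").
        // NOTE(review): the password is bound exactly as typed, so a_pwd appears to
        // hold plaintext; a disabled earlier variant of this code passed it through
        // Common.Md5coding, which would also be too weak. Confirm the stored
        // format and move to a salted, slow hash (e.g. PBKDF2) verified in code.
        string sql = "select a_name from tb_admin where a_name=@name and a_pwd=@pwd";
        OleDbParameter[] param =
        {
            new OleDbParameter("@name", userName),
            new OleDbParameter("@pwd", userPwd)
        };

        string adminName = null;

        // Fix: the reader is now released on every path; the original leaked it
        // (and possibly its connection) whenever the credentials did not match.
        using (OleDbDataReader dr = OleDbHelper.GetDataReader(sql, param))
        {
            if (dr.Read())
            {
                adminName = dr["a_name"].ToString();
            }
        }

        if (adminName == null)
        {
            lbMsg.Text = "您输入的用户名或密码不正确";
            return;
        }

        // A successful login clears the attempt counter so that later logins in
        // the same session are not blocked by earlier tries.
        Session.Remove(attemptsKey);
        Session["name"] = adminName;

        // NOTE(review): the session id is not renewed on login; consider issuing
        // a fresh session id after authentication to guard against session fixation.
        Response.Redirect("admin/Main.aspx");
    }
}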